LimeSurvey issue tracker
Registration

View Issue Details Jump to Notes ] Related Changesets ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
06938Bug reports[All Projects] Securitypublic2012-11-22 18:512012-12-04 13:16
ReporterpfpDave 
Assigned Toc_schmitz 
PrioritynormalSeverityminor 
StatusclosedResolutionfixed 
Product Version2.00+ 
Target VersionFixed in Version2.00+ 
Summary06938: Web Server Auth Doesn't work
DescriptionWeb Server Auth doesn't work because some code appears to be missing from application\core\useridentity.php. Additionally, I've added code to make it work with Windows Integrated Authentication (allowing single sign on).

Code changes to the above file are:

Change line 59 farom:

elseif(Yii::app()->getConfig("auth_webserver") === true && isset($_SERVER['PHP_AUTH_USER'])) // normal login through webserver authentication

to:

elseif(Yii::app()->getConfig("auth_webserver") === true && (isset($_SERVER['PHP_AUTH_USER'])||isset($_SERVER['LOGON_USER']))) // normal login through webserver authentication

Change line 61 from:

$sUser=$_SERVER['PHP_AUTH_USER'];

to:

            if (isset($_SERVER['PHP_AUTH_USER'])) {
                             $sUser=$_SERVER['PHP_AUTH_USER'];
                        } else {
                            $sUser = $_SERVER['LOGON_USER'];
                            $sUser = substr($sUser, strrpos($sUser, "\\")+1);
                        }
change (old) line 74 from:

                elseif (Yii::app()->getConfig("auth_webserver_autocreate_user"))
                {
                    $aUserProfile=Yii::app()->getConfig("auth_webserver_autocreate_profile");
                }
            }

to:

                elseif (Yii::app()->getConfig("auth_webserver_autocreate_user"))
                {
                    $aUserProfile=Yii::app()->getConfig("auth_webserver_autocreate_profile");
                }
            } else {
        $this->id = $oUser->uid;
                $this->user = $oUser;
                $this->errorCode = self::ERROR_NONE;
                        }

I will donate to the project if issue is resolved within 48 hrsNo
LimeSurvey build number OR git commit ID121115
BrowserIE8
Database & DB-VersionSQL Express 2012
Operating System (Server)Server 2008
Webserver software & versionIIS 7
PHP Version5.4.8
Attached Files

- Relationships

-  Notes
User avatar (22436)
pfpDave (reporter)
2012-11-22 19:00

I've also made an additional enhancement to my install that will allow me to login with an alternative user ID if I want to (ie to login as admin from a colleagues PC for example). The change I made is:

Line 29 from:

        if (Yii::app()->getConfig("auth_webserver")==false)

to:

        if (Yii::app()->getConfig("auth_webserver")==false || $this->username != "")
User avatar (22462)
c_schmitz (administrator)
2012-11-23 19:22

Thank you very much!
User avatar (22464)
c_schmitz (administrator)
2012-11-23 19:22

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10451 [^]
User avatar (22474)
c_schmitz (administrator)
2012-11-24 00:11

Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10465 [^]
User avatar (22508)
pfpDave (reporter)
2012-11-26 10:29

There's a slight fault in the implementation you have added, the closing curly brace needs moving from line 98 to line 93 just above the '} else {'
User avatar (22576)
c_schmitz (administrator)
2012-11-27 06:11

New 2.00+ build released.
User avatar (22609)
pfpDave (reporter)
2012-11-27 16:38

The latest release doesn't contain the fix in my last comment and therefore has a bug.
User avatar (22744)
c_schmitz (administrator)
2012-11-30 15:33

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10620 [^]
User avatar (22756)
c_schmitz (administrator)
2012-11-30 17:02

Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10629 [^]
User avatar (22857)
c_schmitz (administrator)
2012-12-04 13:16

LimeSurvey 2.0+ build 121204 released.

- Related Changesets
LimeSurvey: master b9abfc2d
Timestamp: 2012-11-23 18:22:20
Author: c_schmitz
Committer: Carsten Schmitz
Details ] Diff ]
Fixed issue 06938: Web server auth doesn't work - patch by pfpDave
mod - application/core/UserIdentity.php Diff ] File ]
LimeSurvey: 2.1 fd0f9239
Timestamp: 2012-11-23 18:22:20
Author: c_schmitz
Committer: Carsten Schmitz
Details ] Diff ]
Fixed issue 06938: Web server auth doesn't work - patch by pfpDave
mod - application/core/UserIdentity.php Diff ] File ]
LimeSurvey: master c57d276b
Timestamp: 2012-11-30 14:31:38
Author: c_schmitz
Committer: Carsten Schmitz
Details ] Diff ]
Fixed issue 06938: Web server auth doesn't work - patch by pfpDave
mod - application/core/UserIdentity.php Diff ] File ]
LimeSurvey: 2.1 63e307fe
Timestamp: 2012-11-30 14:31:38
Author: c_schmitz
Committer: Carsten Schmitz
Details ] Diff ]
Fixed issue 06938: Web server auth doesn't work - patch by pfpDave
mod - application/core/UserIdentity.php Diff ] File ]

- Issue History
Date Modified Username Field Change
2012-11-22 18:51 pfpDave New Issue
2012-11-22 19:00 pfpDave Note Added: 22436
2012-11-23 19:21 c_schmitz Assigned To => c_schmitz
2012-11-23 19:21 c_schmitz Status new => assigned
2012-11-23 19:22 c_schmitz Note Added: 22462
2012-11-23 19:22 c_schmitz Status assigned => resolved
2012-11-23 19:22 c_schmitz Fixed in Version => 2.00+
2012-11-23 19:22 c_schmitz Resolution open => fixed
2012-11-23 19:22 c_schmitz Changeset attached => LimeSurvey master b9abfc2d
2012-11-23 19:22 c_schmitz Note Added: 22464
2012-11-24 00:11 c_schmitz Changeset attached => LimeSurvey 2.1 fd0f9239
2012-11-24 00:11 c_schmitz Note Added: 22474
2012-11-26 10:29 pfpDave Note Added: 22508
2012-11-27 06:11 c_schmitz Note Added: 22576
2012-11-27 06:11 c_schmitz Status resolved => closed
2012-11-27 16:38 pfpDave Note Added: 22609
2012-11-27 16:38 pfpDave Status closed => feedback
2012-11-27 16:38 pfpDave Resolution fixed => reopened
2012-11-30 15:32 c_schmitz Status feedback => resolved
2012-11-30 15:32 c_schmitz Resolution reopened => fixed
2012-11-30 15:33 c_schmitz Changeset attached => LimeSurvey master c57d276b
2012-11-30 15:33 c_schmitz Note Added: 22744
2012-11-30 17:02 c_schmitz Changeset attached => LimeSurvey 2.1 63e307fe
2012-11-30 17:02 c_schmitz Note Added: 22756
2012-12-04 13:16 c_schmitz Note Added: 22857
2012-12-04 13:16 c_schmitz Status resolved => closed


Copyright © 2000 - 2014 MantisBT Team
Powered by Mantis Bugtracker